Lucene search
K

6 matches found

UbuntuCve
UbuntuCve
added 2012/08/27 9:55 p.m.23 views

CVE-2012-2112

Cross-site scripting XSS vulnerability in the Exception Handler in TYPO3 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7 allows remote attackers to inject arbitrary web script or HTML via exception messages...

4.3CVSS6AI score0.01387EPSS
Exploits0References3
CVE
CVE
added 2012/08/27 9:0 p.m.89 views

CVE-2012-2112

TYPO3 Exception Handler XSS (CVE-2012-2112): Affected TYPO3 versions are 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7. The vulnerability allows remote attackers to inject arbitrary web script or HTML via exception messages, i.e., a reflected XSS in exception handling. Imp...

4.3CVSS5.5AI score0.01387EPSS
Exploits0References8Affected Software1
securityvulns
securityvulns
added 2012/04/23 12:0 a.m.75 views

[SECURITY] [DSA 2455-1] typo3-src security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2455-1 [email protected] http://www.debian.org/security/ Nico Golde April 20, 2012 http://www.debian.org/security/faq -...

4.3CVSS0.3AI score0.01387EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/04/23 12:0 a.m.23 views

Debian DSA-2455-1 : typo3-src - missing input sanitization

Helmut Hummel of the TYPO3 security team discovered that TYPO3, a web content management system, is not properly sanitizing output of the exception handler. This allows an attacker to conduct cross-site scripting attacks if either third-party extensions are installed that do not sanitize this...

4.3CVSS5.5AI score0.01387EPSS
Exploits0References4
Debian
Debian
added 2012/04/20 6:5 p.m.21 views

[SECURITY] [DSA 2455-1] typo3-src security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2455-1 [email protected] http://www.debian.org/security/ Nico Golde April 20, 2012 http://www.debian.org/security/faq -...

4.3CVSS5.8AI score0.01387EPSS
Exploits0
Typo3
Typo3
added 2012/04/17 12:0 a.m.98 views

Cross-Site Scripting Vulnerability in TYPO3 Core

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting. Component Type: TYPO3 Core Affected Versions: 4.4.0 up to 4.4.14, 4.5.0 up to 4.5.14, 4.6.0 up to 4.6.7 and development releases of the 4.7 branch. Vulnerable subcomponent: Exception Handler Vulnerability Type: Cross-Si...

4.3CVSS0.2AI score0.01387EPSS
Exploits0Affected Software1
Rows per page
Query Builder